module.exports = app => {
  const assert = require('http-assert')
  const jwt = require('jsonwebtoken')
  const AdminUser = require('../models/AdminUser')
  return async (req, res, next) => {
    const token = String(req.headers.authorization || '' ).split(' ').pop()
    assert(token, 401, '请先登陆')
    const {id} = jwt.verify(token, app.get('secret')) //token 验证解码
    assert(id, 401, '请先登陆')
    req.user = await AdminUser.findById(id)
    assert(req.user, 401, '请先登陆')
    await next()
  }
}